extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-30 20:04:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

* API/Auth: when required by setup check password strength upon login; user must be allowed to change password

Browse Source
This commit is contained in:
Klaus Leithoff 2013-04-04 11:50:48 +00:00
parent 464ad25139
commit 70082d917b
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
login.php
View File

@ -340,11 +340,11 @@ else
// redirect to referer on logout
$GLOBALS['egw']->session->appsession('referer', 'login', $_SERVER['HTTP_REFERER']);
}
// Check for save passwd
if($GLOBALS['egw_info']['server']['check_save_passwd'] && $GLOBALS['egw']->acl->check('changepassword', 1, 'preferences') && $unsave_msg = $GLOBALS['egw']->auth->crackcheck($passwd))
if($GLOBALS['egw_info']['server']['check_save_passwd'] && !$GLOBALS['egw']->acl->check('nopasswordchange', 1, 'preferences') &&
($unsave_msg = $GLOBALS['egw']->auth->crackcheck($passwd)))
{
$GLOBALS['egw']->log->write(array('text'=>'D-message, User '. $login. ' authenticated with an unsave password','file' => __FILE__,'line'=>__LINE__));
error_log('login::'.__LINE__.' User '. $login. ' authenticated with an unsave password'.' '.$unsave_msg);
$message = '<font color="red">'. lang('eGroupWare checked your password for saftyness. You have to change your password for the following reason:').'<br>';
$GLOBALS['egw']->redirect_link('/index.php', array('menuaction' => 'preferences.uipassword.change','message' => $message. $unsave_msg. '</font>'));
}